There is little ability for a user to test for the presence of a suspected, yet unknown, virus in a file until the virus has been identified by a virus laboratory, its code noted, and a database of the code disseminated to computer users via an antivirus program database.
One method of attempting to identify suspected, yet unknown virii is to provide a scanning service, to a user, through an Application Service Provider (“ASP.”)
An ASP, whether through the Internet or other networks, may assist in resolving some testing issues. For example, the ASP may minimize the need for testing by the user by providing a constantly updated database. An ASP might also provide a testing method for suspected, yet unknown virii by having the user send his or her email to a server for virus scanning, through an open relay. In other words, email is sent to a server and the server scans the email and then forwards the email according to its address. The problem with this method is that open relay mail servers may be attacked, such as might be the case for example when an open relay email server is hacked to provide unsolicited bulk email (UBE) or hacked in order to be used as a denial of service (DOS) platform. Thus an open relay method may be unacceptable.
Another method is to allow users to send email to the server which is then processed and returned to the sender. However, this method may also be unacceptable because of interception possibilities. For example, a malicious user could surreptitiously install a program on the server that allows the interception of email, forging of email, etc.
Accordingly, there exists a need for improved apparatus, methods and articles of manufacture for computer virus testing.